4406 matches found
CVE-2025-8948
A vulnerability was determined in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /front.php. The manipulation of the argument rid leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be...
Fedora 42 : python3-docs / python3.13 (2025-1a9ad70c05)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-1a9ad70c05 advisory. 3.13.6 is the sixth maintenance release of 3.13, containing around 200 bugfixes, build improvements and documentation changes since 3.13.5. ---- This update...
CLSA-2025-1755113204 Fix CVE(s): CVE-2025-29088
SECURITY UPDATE: denial of service issue due to incorrect memory allocations - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec. Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088...
[SECURITY] Fedora 42 Update: python3-docs-3.13.6-1.fc42
The python3-docs package contains documentation on the Python 3 programming language and interpreter...
curl: Insecure WebSocket Usage in curl Documentation and Examples (CWE-319: Cleartext Transmission of Sensitive Information)
The curl source repository contains official documentation and example code that demonstrate WebSocket connections using the insecure ws:// protocol instead of the secure wss://. This misleading guidance may encourage developers to implement cleartext WebSocket endpoints, exposing users and...
GHSA-674P-XV2X-RF3G Litestar has potential log injection in exception logging
Summary: Litestar does not escape URL paths when logging exceptions. This makes the logger vulnerable to CRLF injection if the logging level is configured to debug or log_exceptions is set to "always", which allows attackers to inject newlines and forge log entries. Details: Litestar directly formats unquot...
PT-2025-34323 · Pypi · Litestar
Summary: Litestar does not escape URL paths when logging exceptions. This makes the logger vulnerable to CRLF injection if the logging level is configured to debug or log_exceptions is set to "always", which allows attackers to inject newlines and forge log entries. Details: Litestar directly formats...
CVE-2025-54783
creationtimestamp | type | source
---|---|---
2025-08-07 05:44:17+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lvrzteqplm2k...
CVE-2025-8495
creationtimestamp | type | source
---|---|---
2025-08-03 04:08:23+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lvhsma4shh26...
Metasploit Wrap-Up 08/01/2025
ESC support in Metasploit: This week, we're excited to announce that Metasploit users can now detect certificate templates vulnerable to ESC9, ESC10, and ESC16 using the existing ldapescvulnerabletemplate module. In addition, users can now exploit these vulnerable templates with the brand new...
PT-2025-31613 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: The vulnerability is a memory corruption issue. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
CVE-2025-8176
creationtimestamp | type | source
---|---|---
2025-07-31 21:25:22+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvc35nusqs2u
2025-08-17 20:00:04+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwmocrd7os2w
2025-08-21 08:10:13+00:00 | seen |...
MINI-C8G5-3MJM-4Q35
Bulletin has no description...
PT-2025-31520 · Undefined · Undefined
CVE-2025-7356 Rejected reason https://t.co/I9AXYWTXil...
yelp and yelp-xsl security update
An update is available for yelp-xsl, yelp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Yelp is the help browser for the GNOME desktop. It is designed to help...
RLSA-2025:7569 Important: yelp and yelp-xsl security update
Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook. Security Fixes: yelp: Arbitrary file read (CVE-2025-3155). For more details...
CVE-2025-43023
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA)...
isf
This is a Python-based exploitation framework called ISF (Industrial Exploitation Framework) that is similar to Metasploit. It is designed for industrial control system (ICS) exploitation and is used for testing and demonstrating vulnerabilities in ICS devices. The framework is based on the open-sour...
CLSA-2025-1753375058 ruby: Fix of CVE-2024-27281
CVE-2024-27281: fix object injection and remote code execution in .rdoc_options and documentation cache loading...
Security update for python-requests
This update for python-requests fixes the following issues: Avoid problems with certificate caching in sslcontext (bsc#1246104, gh#psf/requests#6767). Update to 2.32.4: CVE-2024-47081: Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong...